/**
 * Assembles the stage form: description, name, weight, publish state and
 * publish window, category and the button row.
 *
 * {@inheritdoc}
 */
public function buildForm(FormBuilderInterface $builder, array $options)
{
    // Option fragments repeated across the fields below.
    $labelAttr   = ['class' => 'control-label'];
    $controlAttr = ['class' => 'form-control'];

    // Only 'description' is registered with the 'html' mask; presumably markup
    // is allowed in that field, so verify how it is rendered downstream.
    $builder->addEventSubscriber(new CleanFormSubscriber(['description' => 'html']));
    $builder->addEventSubscriber(new FormExitSubscriber('stage', $options));

    $builder->add('description', 'textarea', [
        'label'      => 'mautic.core.description',
        'label_attr' => $labelAttr,
        'attr'       => ['class' => 'form-control editor'],
        'required'   => false,
    ]);

    $builder->add('name', 'text', [
        'label'      => 'mautic.core.name',
        'label_attr' => $labelAttr,
        'attr'       => $controlAttr,
    ]);

    $builder->add('weight', 'number', [
        'label'      => 'mautic.stage.action.weight',
        'label_attr' => $labelAttr,
        'attr'       => $controlAttr + ['tooltip' => 'mautic.stage.action.weight.help'],
        'precision'  => 0,
        'required'   => false,
    ]);

    // Decide whether the current user may change the publish flag.
    $stage = !empty($options['data']) ? $options['data'] : null;

    if ($stage instanceof Stage) {
        // Existing stage: own/other publish permission is checked against its creator.
        $readonly = !$this->security->hasEntityAccess(
            'stage:stages:publishown',
            'stage:stages:publishother',
            $stage->getCreatedBy()
        );
        $data = $stage->isPublished(false);
    } elseif ($this->security->isGranted('stage:stages:publishown')) {
        // No stage entity yet and the user may publish own items: default to published.
        $readonly = false;
        $data     = true;
    } else {
        // No stage entity yet and no publish permission: locked and unpublished.
        $readonly = true;
        $data     = false;
    }

    // NOTE(review): in Symfony 2.x forms 'read_only' only renders the HTML
    // readonly attribute; a submitted value is still bound unless the field is
    // 'disabled'. Confirm the publish permission is also enforced on save.
    $builder->add('isPublished', 'yesno_button_group', [
        'read_only' => $readonly,
        'data'      => $data,
    ]);

    // publishUp / publishDown differ only in field name and label.
    $publishWindow = [
        'publishUp'   => 'mautic.core.form.publishup',
        'publishDown' => 'mautic.core.form.publishdown',
    ];
    foreach ($publishWindow as $field => $label) {
        $builder->add($field, 'datetime', [
            'widget'     => 'single_text',
            'label'      => $label,
            'label_attr' => $labelAttr,
            'attr'       => $controlAttr + ['data-toggle' => 'datetime'],
            'format'     => 'yyyy-MM-dd HH:mm',
            'required'   => false,
        ]);
    }

    // Category selector scoped to the stage bundle.
    $builder->add('category', 'category', ['bundle' => 'stage']);

    $builder->add('buttons', 'form_buttons');

    if (!empty($options['action'])) {
        $builder->setAction($options['action']);
    }
}
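/**
 * Assembles the point action form: name, description, action type, delta,
 * the type-specific properties sub-form, publish state and publish window,
 * category and the button row.
 *
 * {@inheritdoc}
 */
public function buildForm(FormBuilderInterface $builder, array $options)
{
    // Only 'description' is registered with the 'html' mask; presumably markup
    // is allowed in that field, so verify how it is rendered downstream.
    $builder->addEventSubscriber(new CleanFormSubscriber(['description' => 'html']));
    $builder->addEventSubscriber(new FormExitSubscriber('point', $options));

    $builder->add('name', 'text', [
        'label'      => 'mautic.core.name',
        'label_attr' => ['class' => 'control-label'],
        'attr'       => ['class' => 'form-control'],
    ]);

    $builder->add('description', 'textarea', [
        'label'      => 'mautic.core.description',
        'label_attr' => ['class' => 'control-label'],
        'attr'       => ['class' => 'form-control editor'],
        'required'   => false,
    ]);

    $builder->add('type', 'choice', [
        'choices'     => $options['pointActions']['choices'],
        'empty_value' => '',
        'label'       => 'mautic.point.form.type',
        'label_attr'  => ['class' => 'control-label'],
        'attr'        => [
            'class'    => 'form-control',
            'onchange' => 'Mautic.getPointActionPropertiesForm(this.value);',
        ],
    ]);

    $builder->add('delta', 'number', [
        'label'      => 'mautic.point.action.delta',
        'label_attr' => ['class' => 'control-label'],
        'attr'       => [
            'class'   => 'form-control',
            'tooltip' => 'mautic.point.action.delta.help',
        ],
        'precision'  => 0,
    ]);

    // 'data' may be absent or empty. Resolve it once so the type lookup below
    // cannot call a method on null when no 'actionType' option was passed.
    $point = !empty($options['data']) ? $options['data'] : null;

    if (!empty($options['actionType'])) {
        $type = $options['actionType'];
    } else {
        $type = $point ? $point->getType() : null;
    }

    if ($type) {
        // $type is only used as a key into the registered actions; a type with
        // no 'formType' entry falls back to the generic settings form.
        $formType = !empty($options['pointActions']['actions'][$type]['formType'])
            ? $options['pointActions']['actions'][$type]['formType']
            : 'genericpoint_settings';
        $properties = $point ? $point->getProperties() : [];

        $builder->add('properties', $formType, [
            'label' => false,
            'data'  => $properties,
        ]);
    }

    if ($point instanceof Point) {
        // Existing point: own/other publish permission is checked against its creator.
        $readonly = !$this->security->hasEntityAccess(
            'point:points:publishown',
            'point:points:publishother',
            $point->getCreatedBy()
        );
        $data = $point->isPublished(false);
    } elseif (!$this->security->isGranted('point:points:publishown')) {
        $readonly = true;
        $data     = false;
    } else {
        $readonly = false;
        $data     = true;
    }

    // NOTE(review): in Symfony 2.x forms 'read_only' only renders the HTML
    // readonly attribute; a submitted value is still bound unless the field is
    // 'disabled'. Confirm the publish permission is also enforced on save.
    $builder->add('isPublished', 'yesno_button_group', [
        'read_only' => $readonly,
        'data'      => $data,
    ]);

    $builder->add('publishUp', 'datetime', [
        'widget'     => 'single_text',
        'label'      => 'mautic.core.form.publishup',
        'label_attr' => ['class' => 'control-label'],
        'attr'       => ['class' => 'form-control', 'data-toggle' => 'datetime'],
        'format'     => 'yyyy-MM-dd HH:mm',
        'required'   => false,
    ]);

    $builder->add('publishDown', 'datetime', [
        'widget'     => 'single_text',
        'label'      => 'mautic.core.form.publishdown',
        'label_attr' => ['class' => 'control-label'],
        'attr'       => ['class' => 'form-control', 'data-toggle' => 'datetime'],
        'format'     => 'yyyy-MM-dd HH:mm',
        'required'   => false,
    ]);

    // Category selector scoped to the point bundle.
    $builder->add('category', 'category', ['bundle' => 'point']);

    $builder->add('buttons', 'form_buttons');

    if (!empty($options['action'])) {
        $builder->setAction($options['action']);
    }
}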
/**
 * Assembles the form-definition form: name, description, category, template,
 * publish state, kiosk mode, publish window, post-submit action and its
 * property, plus the hidden and button fields.
 *
 * {@inheritdoc}
 */
public function buildForm(FormBuilderInterface $builder, array $options)
{
    // Option fragments repeated across the fields below.
    $labelAttr   = array('class' => 'control-label');
    $controlAttr = array('class' => 'form-control');

    // Only 'description' is registered with the 'html' mask; presumably markup
    // is allowed in that field, so verify how it is rendered downstream.
    $builder->addEventSubscriber(new CleanFormSubscriber(array('description' => 'html')));
    $builder->addEventSubscriber(new FormExitSubscriber('form.form', $options));

    // Details
    $builder->add('name', 'text', array(
        'label'      => 'mautic.core.name',
        'label_attr' => $labelAttr,
        'attr'       => $controlAttr,
    ));

    $builder->add('description', 'textarea', array(
        'label'      => 'mautic.core.description',
        'label_attr' => $labelAttr,
        'attr'       => array('class' => 'form-control editor'),
        'required'   => false,
    ));

    // Category selector scoped to the form bundle.
    $builder->add('category', 'category', array('bundle' => 'form'));

    $builder->add('template', 'theme_list', array(
        'feature'     => 'form',
        'empty_value' => ' ',
        'attr'        => $controlAttr + array('tooltip' => 'mautic.form.form.template.help'),
    ));

    // Decide whether the current user may change the publish flag.
    $form = !empty($options['data']) ? $options['data'] : null;

    if ($form && $form->getId()) {
        // Persisted form: own/other publish permission is checked against its creator.
        $readonly = !$this->security->hasEntityAccess(
            'form:forms:publishown',
            'form:forms:publishother',
            $form->getCreatedBy()
        );
        $data = $form->isPublished(false);
    } elseif ($this->security->isGranted('form:forms:publishown')) {
        // Not persisted yet and the user may publish own items: default to published.
        $readonly = false;
        $data     = true;
    } else {
        // Not persisted yet and no publish permission: locked and unpublished.
        $readonly = true;
        $data     = false;
    }

    // NOTE(review): in Symfony 2.x forms 'read_only' only renders the HTML
    // readonly attribute; a submitted value is still bound unless the field is
    // 'disabled'. Confirm the publish permission is also enforced on save.
    $builder->add('isPublished', 'yesno_button_group', array(
        'read_only' => $readonly,
        'data'      => $data,
    ));

    $builder->add('inKioskMode', 'yesno_button_group', array(
        'label' => 'mautic.form.form.kioskmode',
        'attr'  => array('tooltip' => 'mautic.form.form.kioskmode.tooltip'),
    ));

    // publishUp / publishDown differ only in field name and label.
    $publishWindow = array(
        'publishUp'   => 'mautic.core.form.publishup',
        'publishDown' => 'mautic.core.form.publishdown',
    );
    foreach ($publishWindow as $field => $label) {
        $builder->add($field, 'datetime', array(
            'widget'     => 'single_text',
            'label'      => $label,
            'label_attr' => $labelAttr,
            'attr'       => $controlAttr + array('data-toggle' => 'datetime'),
            'format'     => 'yyyy-MM-dd HH:mm',
            'required'   => false,
        ));
    }

    $builder->add('postAction', 'choice', array(
        'choices'     => array(
            'return'   => 'mautic.form.form.postaction.return',
            'redirect' => 'mautic.form.form.postaction.redirect',
            'message'  => 'mautic.form.form.postaction.message',
        ),
        'label'       => 'mautic.form.form.postaction',
        'label_attr'  => $labelAttr,
        'attr'        => $controlAttr + array('onchange' => 'Mautic.onPostSubmitActionChange(this.value);'),
        'required'    => false,
        'empty_value' => false,
    ));

    // The property field is mandatory only for the actions that consume it.
    if (isset($options['data'])) {
        $postAction = $options['data']->getPostAction();
    } else {
        $postAction = '';
    }
    $required = in_array($postAction, array('redirect', 'message'));

    $builder->add('postActionProperty', 'text', array(
        'label'      => 'mautic.form.form.postactionproperty',
        'label_attr' => $labelAttr,
        'attr'       => $controlAttr,
        'required'   => $required,
    ));

    // Unmapped: the value is submitted with the form but not written to the entity.
    $builder->add('sessionId', 'hidden', array('mapped' => false));

    $builder->add('buttons', 'form_buttons');

    $builder->add('formType', 'hidden');

    if (!empty($options['action'])) {
        $builder->setAction($options['action']);
    }
}
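/**
 * Checks if the user has permission to access the retrieved entity.
 *
 * For 'create' only the "{permissionBase}:create" permission is consulted.
 * For every other action the "{action}own" / "{action}other" pair is checked
 * against the entity's creator.
 *
 * @param mixed  $entity Entity exposing getCreatedBy(); ignored for 'create'
 * @param string $action view|create|edit|publish|delete
 *
 * @return bool False when access is denied or no entity object was supplied
 */
protected function checkEntityAccess($entity, $action = 'view')
{
    // Strict comparison: a non-string $action must not loosely match 'create'.
    if ('create' === $action) {
        return $this->security->isGranted("{$this->permissionBase}:create");
    }

    // Fail closed: without an entity object there is no owner to compare
    // against, so deny instead of calling a method on a non-object.
    if (!is_object($entity)) {
        return false;
    }

    // $action is interpolated into the permission name as-is; callers are
    // expected to pass one of the documented values.
    $ownPerm   = "{$this->permissionBase}:{$action}own";
    $otherPerm = "{$this->permissionBase}:{$action}other";

    return $this->security->hasEntityAccess($ownPerm, $otherPerm, $entity->getCreatedBy());
}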
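/**
 * Set a widget detail when needed.
 *
 * Handles only widgets of type 'report'. Unless the event is cached, the
 * widget's 'graph' parameter ("reportId:graphName") is resolved to a report,
 * and chart data is attached only if the current user may view that report.
 * The widget template is set and propagation is stopped in every case.
 *
 * @param WidgetDetailEvent $event
 *
 * @return void
 */
public function onWidgetDetailGenerate(WidgetDetailEvent $event)
{
    $this->checkPermissions($event);

    if ($event->getType() != 'report') {
        return;
    }

    $widget = $event->getWidget();
    $params = $widget->getParams();

    // NOTE(review): the cached path skips the per-report access check below.
    // Confirm the widget cache is scoped so one user's data is not served to another.
    if (!$event->isCached()) {
        // Widget params are stored configuration; tolerate a missing or
        // malformed 'graph' value instead of reading undefined offsets.
        $graphRef = isset($params['graph']) ? explode(':', (string) $params['graph']) : [];
        $dateFrom = isset($params['dateFrom']) ? $params['dateFrom'] : null;
        $dateTo   = isset($params['dateTo']) ? $params['dateTo'] : null;

        if (count($graphRef) >= 2) {
            list($reportId, $graph) = $graphRef;

            $report = $this->model->getEntity($reportId);

            // Entity-level check: the report id comes from the widget params,
            // so the viewer must hold view access on that specific report.
            $canView = $report && $this->security->hasEntityAccess(
                'report:reports:viewown',
                'report:reports:viewother',
                $report->getCreatedBy()
            );

            if ($canView) {
                $reportData = $this->model->getReportData($report, null, [
                    'ignoreTableData' => true,
                    'graphName'       => $graph,
                    'dateFrom'        => $dateFrom,
                    'dateTo'          => $dateTo,
                ]);

                if (isset($reportData['graphs'][$graph])) {
                    $graphData = $reportData['graphs'][$graph];

                    $event->setTemplateData([
                        'chartData'   => $graphData['data'],
                        'chartType'   => $graphData['type'],
                        'chartHeight' => $widget->getHeight() - 90,
                        'reportId'    => $report->getId(),
                        'dateFrom'    => $dateFrom,
                        'dateTo'      => $dateTo,
                    ]);
                }
            }
        }
    }

    // When the report is missing, access is denied or the graph is unknown,
    // the template is still set, just without chart data.
    $event->setTemplate('MauticReportBundle:SubscribedEvents\\Dashboard:widget.html.php');
    $event->stopPropagation();
}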
/**
 * Convenience proxy for the security service's entity-level access check
 * for the logged in user.
 *
 * The three arguments are forwarded unchanged; the decision is made entirely
 * by $this->security->hasEntityAccess().
 *
 * @param $ownPermission   Permission name for entities the user owns
 * @param $otherPermission Permission name for entities owned by others
 * @param $ownerId         Owner of the entity being checked
 *
 * @return bool
 */
public function hasEntityAccess($ownPermission, $otherPermission, $ownerId)
{
    $isAllowed = $this->security->hasEntityAccess($ownPermission, $otherPermission, $ownerId);

    return $isAllowed;
}